As a security measure, modern web browsers restrict the types of interactions that are permitted between distinct web sites. This can cause problems when attempting cross-site integration, for example when embedding the HACloud web client into another website, such as a portal. CORS is a standard mechanism that you can use to specify that the browser permit access from one site to another site.
You can configure the HACloud session server to include the required CORS HTTP header when it responds to web requests by adding an additional property to the container.properties file.
To add the Allowed-Origins header value property:
Open <install directory>/sessionserver/conf/container.properties.
Add a new entry using the property name: cors.allowed.origins
For example, cors.allowed.origins=https://integration-server1.com
Restart the session server.
You can set this value to a comma-delimited list of allowed origins or use * to allow access from all origins (Allowing this kind of open access may be a security risk). If you use the wild card option(*), be aware that web browsers impose additional restrictions, such as limited Cookie access. For more information, see Cross-Origin Resource Sharing (CORS) - HTTP/MDN.